How to bridge 2 ethernet interfaces from host blade to guest VM

asked 2014-06-27 19:31:07 -0600

rasselin gravatar image

I'm trying to bridge my host's eth0 and eth1 into a vm's eth0 and eth1. I did manage to do it once documented here: https://etherpad.openstack.org/p/juno-cinder-3rd-party-cert-and-verification (https://etherpad.openstack.org/p/juno...)

But I'm not able to reproduce it on a new devstack setup based on stable/icehouse. Regardless, there's gotta be a better way.

Does anyone know the "correct" way to do this?


Here's the extract from the above link:

Configuring the host openstack "provider" to allow access to guest openstack "nodes" with two eth has proved to be trick. e.g host eth0 --> instance eth0 (public network) host eth1 --> instance eth1 (iSCSI network). Nova-network seems to be broken / doesn't support this / I'm not smart enough to follow the docs on doing this: http://docs.openstack.org/admin-guide-cloud/content/section_use-multi-nics.html (http://docs.openstack.org/admin-guide...) . But I did get it working manually: Briefly:

  1. Create an instance vm to setup basic networking within nova (no idea why this step is necessary, but if you skip it, you won't be able to log into instances. But it'd be good to re-confirm if this is really true..perhaps I messed up somewhere)

  2. create the network: nova network-create my_iscsi --fixed-range-v4=10.10.121.241/29 --bridge=br_iscsi --bridge-interface=eth1 --multi-host=T

  3. Add eth1 to the bridge: sudo brctl addif br_iscsi eth1

  4. Move the ip from eth1 to br-iscsi sudo ifconfig br_iscsi add 10.10.121.113 sudo ip addr del 10.10.121.113/19 dev eth1

  5. Update routing tables:
    sudo ip route add 10.10.96.0/19 dev br_iscsi proto kernel scope link src 10.10.121.113

  6. (Done within jenkins job) Manually configure eth1 in the instance vm: with the private ip address it's assigned: ifup eth1 (it will get it's ip via nova's dhcp server) Ensure the routing table is correct. e.g. up route add -net 10.10.120.0/23 dev eth1

My devstack nova setup (for better or worse): local.conf has:

[[local|localrc]]

FLOATING_RANGE=10.50.132.17/28

FIXED_RANGE=10.50.132.34/27

FIXED_NETWORK_SIZE=30

FLAT_INTERFACE=eth0

FLAT_INJECTED=true

FLAT_NETWORK_BRIDGE=br100

PUBLIC_INTERFACE=eth0

[[post-config|$NOVA_CONF]]

[DEFAULT]

multi_host = True

allow_same_net_traffic = False

send_arp_for_ha = True

share_dhcp_address = True

edit retag flag offensive close merge delete

Comments

I figured out the 1st half of the problem: auto-creation of the bridge interfaces. Investigation notes here: https://bugs.launchpad.net/nova/+bug/1336551 (https://bugs.launchpad.net/nova/+bug/...)

Summary: the FLAT_INTERFACE value provided in nova.conf is used by nova-network INSTEAD OF the value passed into: --bridge-interface= !! This was to fix a bug: "Allows heterogeneous networks a la bug 833426"

Workaround is to force the /etc/nova.conf to be an empty string.

FLAT_INTERFACE=

My attempt to auto-set this in variable local.conf failed (solutions welcomed), but after running stack.sh, manually make the change to /etc/nova/nova.conf, and then the above nova network-create will use the specified value in --bridge-interface=

Still need to figure out the routing tables.

rasselin gravatar imagerasselin ( 2014-07-31 15:15:08 -0600 )edit

This blog has the partial answer using neutron. The next part is not posted yet.

http://www.weston.la "DevStack Neutron With ML2, Open VSwitch, VLANs, and Overlay VxLAN Tunnels"

rasselin gravatar imagerasselin ( 2014-08-22 17:53:49 -0600 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-12-25 05:35:07 -0600

Check your /etc/sysctl.conf file and ensure that you have enabled ipv4 forwarding

net.ipv4.ip_forward=1

And try enable MASQUERADE via iptables.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-06-27 19:31:07 -0600

Seen: 1,122 times

Last updated: Dec 25 '14